Why is Data Security Important? - Purdue University

Why is Data Security Important?

1

Ward Against Identity Theft

Identity theft occurs when somebody steals your name and other personal information* for fraudulent purposes. They can use this information to apply for credit cards, drivers licenses, etc. Identity theft can result in an individuals' credit being damaged and could potentially make it difficult for them to get loans or other credit cards. It could also result in numerous hours and money that an individual may spend in clearing their name. *Social Security numbers, birth date, mother's maiden name, driver's license number, bank account information, and credit card information.

2

1

Avoid Risking Safety of University Staff

Some staff at the University have chosen to withhold their information (such as home phone and address) from being published in the Purdue directory. They may have chosen this for numerous reasons, but their privacy needs to be respected. Unfortunately, some staff may be in situations where they or their families' personal safety may be in jeopardy if this information fell into the wrong hands.

3

Avoid Federal Penalties and Fines

We are bound by federal guidelines such as HIPAA, FERPA, GLBA etc. These guidelines require us to handle data in a certain way. If we fail to comply with these guidelines, the University could receive penalties and/or fines.

4

2

Embarrassment to the University

When data is compromised, letters are typically sent out to those who were potentially affected. This may often affect students, staff, donors, etc. Articles may be published in the newspaper and reports may be seen on local or national news. This is very bad publicity for the University.

5

Stolen Financial Resources

Some areas of the University have access to staff bank accounts (i.e., for direct deposit). If this information fell into the wrong hands, the individuals' financial holdings could be at jeopardy.

6

3

Why Should I Care About How Data is Handled?

We often become desensitized to the data that we handle in our everyday job. However, somewhere at the University, someone is handling your information, whether it be your SSN, your bank account information, etc. Think about how you want your data handled and use those same measures for handling the data of individuals or the University.

7

4

Security Policies and Memorandums

1

Data Access and Security Policy C-34

? Applies to administrative computing resources regardless of where they reside. Its three major guiding principles are:

? Access - To assure that employees have access to relevant data they need to conduct University business;

? Data Security - To prevent unauthorized access to systems, data, facilities, and networks; and

? Physical Security - To prevent any misuse of, or damage to, computer assets or data.

? Security Policy C-34 specifically states that, "No

University employee will knowingly damage or

misuse computing resources or data. The

employee's need to access data does not

equate to casual viewing. It is the employee's

obligation, and his/her supervisor's

responsibility, to ensure that access to data is

only to complete assigned functions."

2

1

 ................
................

In order to avoid copyright disputes, this page is only a partial summary.

Google Online Preview   Download